Doug Bonderud

Doug Bonderud is a freelance writer passionate about the evolution of technology and its impact on companies, stakeholders and end-users alike. Want to know more? Follow Doug on Twitter.

Posts by Doug Bonderud
  • Corporate cybersecurity risk is drawing federal attention: According to the Wall Street Journal, the US Securities and Exchange Commission now mandates that companies report "cybersecurity risks that could affect the business or its registrants materially" on their 10-K statements. The SEC wants businesses to err on the side of full disclosure, but for many organizations, even… READ MORE

  • The cloud. Mobile devices. High-availability networks. These and other technological advances have empowered users to work with greater efficiency and with lower spend, but they come with an unintended side effect: the consumerization of IT. Where employees once leaned on IT admins to troubleshoot any problems or install new software, they're now able to perform the same tasks via easy-to-use… READ MORE

  • Most companies don't want to talk about their supply chains and risk management in the same sentence, let alone bring this topic to the boardroom. Why? Because, as a recent Harvard Business Review (HBR) article points out, "suppliers tend to be optimistic about the information they provide," while companies looking to bolster their bottom lines without breaking the budget are often… READ MORE

  • Data breaches are on the rise. According to a recent Forbes article, more than 675 million records were compromised last year. What's more, these breaches weren't limited to a single sector: retail, financial and even post-secondary institutions were all victimized. That means IT security must evolve, and that evolution starts with the Chief Information Security Officer (CISO). In a new… READ MORE

  • Cybersecurity is now a top priority for board members. According to Help Net Security's report on a recent NYSE Governance Services/Veracode survey, over 80 percent of respondents said security was discussed at "most or all" boardroom meetings. But there's a disconnect: Sixty-six percent of those surveyed said they were "not fully confident their companies are properly… READ MORE

  • Discovering vulnerabilities is an essential part of effective security testing; companies pay good money for services to accomplish this goal with rigor and precision. Many enterprises now offer "bug bounties" to encourage white-hat hackers to deliberately penetrate systems and then report the results. One such independent security researcher is Chris Roberts, a cybersecurity consultant… READ MORE

  • What's in a name? If you're talking about the emerging idea of DevOps, then there's an easy answer: everything. As noted by Forbes, there's no single definition of the term; however, according to Adam Jacob, CTO of Chef Software, "DevOps is the experience of people who are using it to transform their businesses." In other words, the name means different things to… READ MORE

  • What is Cross-Site Request Forgery (CSRF)? More importantly, how can your business take action against it? Here's everything you need to know about this threat, its potential impact and your best defense. Cross-Site Basics: CSRF attacks are listed among the OWASP Top 10, but they are often overlooked in favor of Cross-Site Scripting (XSS) vulnerabilities, advanced malware or inherent software… READ MORE

  • CISOs play a critical role in keeping a company's most critical asset — data — safe from both internal and external threats. But they're now tasked with the job of mastering executive communication, so they can both engage other C-suite members and give them a practical understanding of cybersecurity risk. As noted by CIO, "tension" between the CISO and other members of… READ MORE

  • Third-party software can be problematic. Just ask American Airlines, which recently experienced an issue with its iPad-based electronic flight bags. A misconfiguration in third-party mapping software caused the devices to crash when pilots tried to access a specific map, in turn delaying flights and frustrating crew members. Thankfully, the issue wasn't malicious, but it does highlight the… READ MORE
